CORPORATE RESOURCES…

Continuous analysis with JetBrains TeamCity

Everybody knows the benefits of CI in the SDLC. I’m not discovering new ground here, but what’s interesting is that you can leverage your continuous integration processes to have a continuous analysis processes to have all the objective information you need from your applications at build time with Kiuwan.

If you run your application’s continuous integration with JetBrains’ TeamCity, in this article you will learn how easy it is to run a Kiuwan analysis as part of the process. Let’s get started.

First, you need your TeamCity Server installed and operational (you can download the professional edition for free here). Second, you need your TeamCity Build Agents installed, you can have as many as you need in different operating systems. Third, you need a Kiuwan account of course. And last but not least you need to download the Kiuwan Local Analyzer (KLA) from your Kiuwan account and install it in every TeamCity agent machine.

I’m going to assume you have fulfilled the first 3 requirements. I’m going to guide you step-by-step on how to configure a TeamCity build to run an automatic Kiuwan analysis starting by installing the KLA and configure the agent machines to run it.

Run a Kiuwan analysis from a TeamCity build step-by-step

Install the KLA in the agent machines. Installing the KLA is pretty simple and straightforward, just take the KiuwanLocalAnalyzer.zip downloaded directly from your Kiuwan account and unzip it in a directory of your choice. That directory /KiuwanLocalAnalyzer will be your Kiuwan home (sometimes we call it agent home, to avoid confusion with the TeamCity agent I’ll stick to Kiuwan home). In Windows machines the KLA installation is done. For unix based machines there are a couple of little things to do:
Go to your directory and run a chmod command for all *.sh files to add execution permission (find -name “*.sh” -exec chmod +x {} \;)
Now, go to /bin directory and create a symbolic link named agent pointing to agent.sh (ln -s agent.sh agent).
To be able to invoke the KLA CLI in every machine without the installation path, add the /bin directory to the system path.
Select an existing project in TeamCity or create a new one. In TeamCity every project has one or more Version Control System (VCS) associated to it. This way the agent build agents take care of stracting the source code automatically. The VCS could be basically any: SVN, Git, GitHub, BitBucket, TFS, etc.

3. The next step is to configure a new build step that will run the Kiuwan analysis in a project existing build configuration, or create a new build configuration to include the Kiuwan analysis step.

Click create build configuration or edit an existing one in the general project settings page.

4. In the build configuration settings screen, the first thing to do is to define a couple of variables that will be available for the build agent at execution time to hold your Kiuwan credentials necessary to run the analysis. Look for the parameters section in the left menu.

Now you have to define 2 system level variables: system.kiuwan.user y system.kiuwan.password. This last one you can set it to be of type password so it is never displayed.

5. Next, in the build configuration settings screen you have to go to the build steps configuration and create a new one to set up the analysis.

You usually want to have your analysis after the actual build of your application, that’s what we have done here. Let’s take a look at how do you have to configure the step.

6. Set the Runner type to Command line from the pull down. Give the step a name. Decide if you want to run this step depending on the result of the previous ones. Leave the working directory empty to use the default VCS checkout directory.

And now the important part, define the command and parameters to run. Select Executable with parameters from the pull down. Specify agent as the command to run and the following parameters to pass to the command:

Notice that we are using TeamCity variables for the name of the application to analyze (it will be the project name), the directory where the source code is (it will be the checkout directory), a label for the analysis (it will be the build number) and the Kiuwan credentials we defined previously.

This configuration will run a Kiuwan Baseline analysis. If you want to run a delivery analysis for a change request you can define another build configuration where the analysis step will have extra parameters for the KLA agent to run a delivery analysis. Refer to the Kiuwan Local Analyzer documentation for more information on the available parameters.

7. The last thing is to define a trigger to run the build on the project on given conditions. The typical ones will be to run a build when changes are committed to the VCS or run it periodically based on a defined schedule. TeamCity has a nice feature allowing you to run it periodical but only if there are committed changes in your VCS. That’s what I’ve done.

For testing purposes, you can always run your build clicking the Run button on the top right of the above screen.

That’s it! You have successfully configured TeamCity to run an automatic Kiuwan analysis for a project.

Run the analysis and see the results

If you run your analysis interactively to test it your build, you can follow its execution in the build log console. You will see the Kiuwan command executed and all the log messages from it.

When it finishes, you can see the final result of the execution and you have a link to access the analysis results in Kiuwan.

Clicking the link will open your default browser and take you directly to the results summary page.

Now you can sit back and let your development team code away. With every TeamCity build you will have the latest results with all the details of security vulnerabilities and other defects. Plan accordingly letting Kiuwan generate automatic action plans based on your team available effort and make you SDLC a continuous improvement process with JetBrains’ TeamCity.